Top

Journal of Combinatorial Optimization

Published in:

01-07-2016

Algorithms for the workflow satisfiability problem engineered for counting constraints

Authors: D. Cohen, J. Crampton, A. Gagarin, G. Gutin, M. Jones

Published in: Journal of Combinatorial Optimization | Issue 1/2016

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The workflow satisfiability problem (WSP) asks whether there exists an assignment of authorized users to the steps in a workflow specification that satisfies the constraints in the specification. The problem is NP-hard in general, but several subclasses of the problem are known to be fixed-parameter tractable (FPT) when parameterized by the number of steps in the specification. In this paper, we consider the WSP with user-independent counting constraints, a large class of constraints for which the WSP is known to be FPT. We describe an efficient implementation of an FPT algorithm for solving this subclass of the WSP and an experimental evaluation of this algorithm. The algorithm iteratively generates all equivalence classes of possible partial solutions until, whenever possible, it finds a complete solution to the problem. We also provide a reduction from a WSP instance to a pseudo-Boolean (PB) SAT instance. We apply this reduction to the instances used in our experiments and solve the resulting PB SAT problems using SAT4J, a PB SAT solver. We compare the performance of our algorithm with that of SAT4J and discuss which of the two approaches would be more effective in practice.

previous article Special Issue for FAW 2014

next article Dynamic matchings in left vertex weighted convex bipartite graphs

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

We would like to emphasize that even though the constraints considered in the theoretical part of Wang and Li’s paper are purely user-independent, the authors consider randomly generated relations between users for their experiments. Therefore the experimental tests in Wang and Li (2010) are done not in a user-independent environment.

Our computer is more powerful than the one used by Wang and Li (2010).

This experimental setup is different from the one used in our earlier work (Cohen et al. (2014)).

Schaad et al. investigated several case studies in which authorization constraints were relevant, including a loan origination process in a bank (see Schaad et al. (2006)) and the creation of electronic signatures in a law practice (see Schaad et al. (2005)). These two business processes used 13 and 12 steps, respectively.

American National Standards Institute (2004) ANSI INCITS 359–2004 for role based access control, ANSI, New York

Basin DA, Burri SJ, Karjoth G (2014) Obstruction-free authorization enforcement: aligning security and business objectives. J Comput Secur 22(5):661–698CrossRef

Berend D, Tassa T (2010) Improved bounds on Bell numbers and on moments of sums of random variables. Probab Math Stat 30(2):185–205MathSciNetMATH

Bertino E, Ferrari E, Atluri V (1999) The specification and enforcement of authorization constraints in workflow management systems. ACM Trans Inf Syst Secur 2(1):65–104CrossRef

Chimani M, Klein K (2010) Algorithm engineering: concepts and practice. In: Bartz-Beielstein T, Chiarandini M, Paquete L, Preuss M (eds) Experimental methods for the analysis of optimization algorithms. Springer, Germany, pp 131–158CrossRef

Cohen D, Crampton J, Gagarin A, Gutin G, Jones M (2014) Engineering algorithms for workflow satisfiability problem with user-independent constraints. In: Chen J, Hopcroft JE, Wang J (Eds.) Proceedings 8th International Frontiers of Algorithmics Workshop (FAW 2014), LNCS 8497. Springer, pp 48–59

Cohen D, Crampton J, Gagarin A, Gutin G, Jones M (2014) Iterative plan construction for the workflow satisfiability problem. J Artif Intell Res 51:555–577MathSciNetMATH

Crampton J (2005) A reference monitor for workflow systems with constrained task execution. In: 9th SACMAT. ACM, New York, pp 38–47

Crampton J, Gutin G (2013) Constraint expressions and workflow satisfiability. In: 18th SACMAT. ACM, New York, pp 73–84

Crampton J, Gutin G, Karapetyan D (2015) Valued workflow satisfiability problem. In: 20th ACM SACMAT, to appear

Crampton J, Gutin G, Yeo A (2013) On the parameterized complexity and kernelization of the workflow satisfiability problem. ACM Trans Inf Syst Secur 16(1):4CrossRef

Downey RG, Fellows MR (2013) Fundamentals of parameterized complexity. Springer, LondonCrossRefMATH

Durstenfeld R (1964) Algorithm 235: Random permutation. Commun ACM 7(7):420CrossRef

Fisher RA, Yates F (1948) Statistical tables for biological, agricultural and medical research, 3rd edn. Oliver and Boyd, EdinburghMATH

Flum J, Grohe M (2006) Parameterized complexity theory. Springer, BerlinMATH

Gligor VD, Gavrila SI, Ferraiolo DF (1998) On the formal definition of separation-of-duty policies and their composition. In: IEEE Symposium on Security and Privacy, IEEE Computer Society, 172–183

Karapetyan D, Gagarin A, Gutin G (2015) Pattern Backtracking Algorithm for the Workflow Satisfiability Problem with User-Independent Constraints. In: FAW 2015, Lect Notes Comput Sci, to appear

Le Berre D, Parrain A (2010) The SAT4J library, release 2.2. J Satisf Bool Model Comput 7:59–64

Myrvold W, Kocay W (2011) Errors in graph embedding algorithms. J Comput Syst Sci 77(2):430–438MathSciNetCrossRefMATH

Niedermeier R (2006) Invitation to fixed-parameter algorithms. Oxford University Press, OxfordCrossRefMATH

Reingold EM, Nievergelt J, Deo N (1977) Combinatorial algorithms: theory and practice. Prentice Hall, Englewood CliffsMATH

Schaad A, Spadone P, Weichsel H (2005) A case study of separation of duty properties in the context of the Austrian “eLaw” process. In: Proceedings the 2005 ACM Symposium on Applied Computing (SAC 2005), 1328–1332

Schaad a, Schaad A, Lotz V, Sohr K (2006) A model-checking approach to analysing organisational controls in a loan origination process. In: Ferraiolo DF, Ray I (eds) SACMAT. ACM, New York, pp 139–149CrossRef

Wang Q, Li N (2010) Satisfiability and resiliency in workflow authorization systems. ACM Trans Inf Syst Secur 13(4):40CrossRef

Wolter C, Schaad A (2007) Modeling of task-based authorization constraints in BPMN. BPM, LNCS 4714. Springer, Brisbane, pp 64–79

Title: Algorithms for the workflow satisfiability problem engineered for counting constraints
Authors: D. Cohen
J. Crampton
A. Gagarin
G. Gutin
M. Jones
Publication date: 01-07-2016
Publisher: Springer US
Published in: Journal of Combinatorial Optimization / Issue 1/2016
Print ISSN: 1382-6905
Electronic ISSN: 1573-2886
DOI: https://doi.org/10.1007/s10878-015-9877-7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 1/2016

Improved approximation algorithm for maximum agreement forest of two rooted binary phylogenetic trees

Complexity of domination, hamiltonicity and treewidth for tree convex bipartite graphs

New analysis and computational study for the planar connected dominating set problem

Efficient approximation algorithms for computing k disjoint constrained shortest paths

Complete forcing numbers of primitive coronoids

On strongly planar 3SAT

Premium Partner